efe56fa69d18ed2b8698c8ec50f1336617cba74304670ada09069eb8d8ade70f | Triage

Sharing

General

Target

efe56fa69d18ed2b8698c8ec50f1336617cba74304670ada09069eb8d8ade70f.exe
Size

1.5MB
Sample

241119-w431cavker
MD5

9d0811661904d606d82c51771216b3d3
SHA1

ada137b7ee79ceacb85fe92ed8323c7423795a79
SHA256

efe56fa69d18ed2b8698c8ec50f1336617cba74304670ada09069eb8d8ade70f
SHA512

135baf340d341fb263307cf11c6de3997881cab0ecc9f646cf23676699ffc056a8b2f87630bf6a00290c91d1ded6bb189490c97c70002c0b2b2d2ec16e3f28ff
SSDEEP

24576:+29Jy4+4Veoz/t/OzxGNiJXoMZgvdhk+V8q3vi0m+dn5hkoOWuXJcZ:+29Jyr4H/Uz/oMqd++pPkx5y

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  efe56fa69d18ed2b8698c8ec50f1336617cba74304670ada09069eb8d8ade70f.exe
- Size
  
  1.5MB
- MD5
  
  9d0811661904d606d82c51771216b3d3
- SHA1
  
  ada137b7ee79ceacb85fe92ed8323c7423795a79
- SHA256
  
  efe56fa69d18ed2b8698c8ec50f1336617cba74304670ada09069eb8d8ade70f
- SHA512
  
  135baf340d341fb263307cf11c6de3997881cab0ecc9f646cf23676699ffc056a8b2f87630bf6a00290c91d1ded6bb189490c97c70002c0b2b2d2ec16e3f28ff
- SSDEEP
  
  24576:+29Jy4+4Veoz/t/OzxGNiJXoMZgvdhk+V8q3vi0m+dn5hkoOWuXJcZ:+29Jyr4H/Uz/oMqd++pPkx5y
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2